d58ea718e306598e5ce6aefb36833b11ae4fb6c6e6817c324396cfdd64930493

Sharing

Copy URL

Twitter E-mail

General

Target

d58ea718e306598e5ce6aefb36833b11ae4fb6c6e6817c324396cfdd64930493
Size

277KB
MD5

692fc24bcde890f1a130b1d73bf85599
SHA1

be1b2a606df7d67c9a86bfbcd0c3c8bffbb23be1
SHA256

d58ea718e306598e5ce6aefb36833b11ae4fb6c6e6817c324396cfdd64930493
SHA512

9313cda6f197cd1357e0ab0cbb7ccc5b9c13ce35c756781abaaaa0ae57f2f166e466582926dcc6ff86129ac6e84f8e41f84fd78c5146ba8fb7568a7f189742da
SSDEEP

3072:3SpXYV+pv94+cG3x0hh2ZU01fF7Kyf52jTfAX+tFROqv+Hy6XM96Rh67TL3zx:3SmV+Tf3qMU01fF77foX3hdVYT6739

Score

N/A

Malware Config

Signatures

Files

d58ea718e306598e5ce6aefb36833b11ae4fb6c6e6817c324396cfdd64930493
.exe windows x86

42f20bfa8ad3457e0155ca9acce8b584

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

AccessibleChildren
GetRoleTextW
AccessibleObjectFromWindow

wininet

InternetCrackUrlW

kernel32

GetProcAddress
GetModuleHandleW
lstrcmpiW
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
CloseHandle
WaitForSingleObject
Sleep
CreateThread
CreateEventW
GetCommandLineW
ReleaseMutex
WideCharToMultiByte
lstrlenA
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
WriteFile
LockResource
FindResourceExW
LoadLibraryW
GetVersionExW
GetCurrentThreadId
SetEvent
LocalFree
LocalAlloc
GetCurrentProcess
DeleteCriticalSection
CreateDirectoryW
ReadFile
GetFileSize
CreateMutexW
WaitForMultipleObjects
GetTickCount
SetFilePointer
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
ExitProcess
LCMapStringW
IsProcessorFeaturePresent
GetStdHandle
HeapCreate
InitializeCriticalSectionAndSpinCount
InterlockedIncrement
InterlockedDecrement
lstrlenW
RaiseException
LoadLibraryExW
GetLastError
FreeLibrary
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleW
CreateFileW
FlushFileBuffers
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
GetFileAttributesW
EncodePointer
DecodePointer
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy

user32

SetForegroundWindow
ShowWindow
GetMessageW
GetDesktopWindow
PostThreadMessageW
CharNextW
FlashWindowEx
DispatchMessageW
LoadStringW
MsgWaitForMultipleObjects
PeekMessageW
GetWindowPlacement
CharUpperW
TranslateMessage

advapi32

RegQueryValueExW
GetSecurityDescriptorLength
RegSetValueExA
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW

shell32

ShellExecuteExW
SHGetSpecialFolderPathW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoCreateGuid
CoAddRefServerProcess
CoReleaseServerProcess
CoInitialize

oleaut32

VariantCopy
VariantClear
VariantInit
RegisterTypeLi
SysFreeString
VarUI4FromStr
SysStringLen
LoadRegTypeLi
LoadTypeLi
SysAllocString
UnRegisterTypeLi
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen

shlwapi

SHDeleteKeyW
StrStrIW

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 10KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.brdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

42f20bfa8ad3457e0155ca9acce8b584

Headers

DLL Characteristics

File Characteristics

Imports

oleacc

wininet

kernel32

user32

advapi32

shell32

ole32

oleaut32

shlwapi

Sections

.text Size: 129KB - Virtual size: 129KB

.rdata Size: 33KB - Virtual size: 33KB

.data Size: 10KB - Virtual size: 18KB

.rsrc Size: 13KB - Virtual size: 12KB

.reloc Size: 13KB - Virtual size: 12KB

.brdata Size: 72KB - Virtual size: 72KB

.text
Size: 129KB - Virtual size: 129KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 10KB - Virtual size: 18KB

.rsrc
Size: 13KB - Virtual size: 12KB

.reloc
Size: 13KB - Virtual size: 12KB

.brdata
Size: 72KB - Virtual size: 72KB